Post navigation

Marketplace has aired an interesting piece on the growing trend of using “white hat” hackers as a part of corporate IT strategy as a means of testing and improving IT security.

It is well worth a listen, and is an excellent starting point for consideration of your businesses security and privacy measures. If some form of auditing of your security and privacy measures (not just hardware and software, but policies, procedures, and practices, as well) then your company may needlessly be laying itself open to significant liability, expenses, and damage to business reputation.

This is an interesting piece on the IT company Lavabit, which, before its shutdown, provided secure e-mail services to its customers. The story details the steps taken by the FBI to force Lavabit to turn over encryption keys and take other steps which would not only provide the FBI with access to Edward Snowden’s e-mail account on the service, but would render vulnerable the accounts of any individual or company making use of the service, without warrant and without court oversight.

In pressuring Lavabit to capitulate to its requests for “technical assistance” including divulging the private encryption keys used by the service, the owner of the company was pursued for contempt of court, fined $10,000.00, and then threatened with arrest when he publicly announced his intention to shutter the company.

The tale of Lavabit is something of a cautionary tail for companies that provide IT services. But even more, it should be a wake-up call to both users and providers of IT services regarding the boundaries of privacy and the lengths to which the government is willing to steamroll even legitimate businesses which seek to guard their customer’s privacy.

This is an absolutely fascinating look at how the law behind the NSA Domestic spying program originated and it clearly demonstrates the frightening power of the so-called “law of unintended consequences”.

Certainly the origin of the legal concepts at play here make it clear how ridiculous the extremes to which they are now being carried by the likes of the NSA truly are. I would call it “insanity” but sadly it is, arguably, the law.